10785020

Hardware Offload for QUIC Connections

Published: September 22, 2020
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
20 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A system for hardware offloading, the system comprising: at least one processor; a network interface card comprising a plurality of processing units; and at least one memory comprising computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the at least one processor to: program the network interface card with a mapping between (i) a connection identification (CID) for one or more QUIC data packets and (ii) a symmetric key and a crypto algorithm, wherein programming the network interface card comprises preprogramming the network interface card after an initial connection handshake and before performing a crypto decrypt operation; receive one or more data packets over a network, parse the one or more data packets to identify the one or more data packets as QUIC data packets and then obtain the CID for the QUIC data packets, send the CID to the network interface card, wherein the network interface card is configured to: identify the symmetric key and the crypto algorithm based on the CID, select one or more processing units of the plurality of processing units to process the QUIC data packets, the one or more processing units selected using a mapping in a hash table based on the CID, wherein a hashing algorithm accesses the hash table to map one or more keys defined by the CID to values for selecting the one or more processing units, process the QUIC data packets using the selected one or more processing units, the processing comprising performing the crypto decrypt operation on the QUIC data packets, and reassembling the QUIC data packets, and receive the reassembled QUIC data packets from the network interface card.

Plain English Translation

This invention relates to hardware offloading for network communication, specifically addressing the challenge of efficiently decrypting and processing QUIC data packets. The system includes a processor, a network interface card (NIC) with multiple processing units, and memory containing program code. The processor, in conjunction with the program code, configures the NIC. This configuration involves preprogramming the NIC with a mapping that associates a connection identifier (CID) from QUIC data packets with a specific symmetric key and cryptographic algorithm. This preprogramming occurs after an initial connection handshake and before any decryption is performed. When data packets arrive over the network, the system identifies them as QUIC data packets and extracts their CIDs. The CID is then sent to the NIC. The NIC uses this CID to look up the corresponding symmetric key and crypto algorithm from its preprogrammed mapping. Based on the CID, the NIC also selects one or more of its processing units for handling the QUIC data packets. This selection is done by hashing the CID to access a hash table, which maps CID-defined keys to values that specify the processing units. The selected processing units then perform the cryptographic decryption operation on the QUIC data packets and reassemble them. Finally, the reassembled data packets are returned to the system.
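As an added illustration of the receive path described in claim 1 (this is not code from the patent or from any NIC vendor), the following C model shows the table a host would program after the handshake and the per-packet lookup that resolves a CID to a key, an algorithm and a processing unit. The table sizes, the FNV-1a hash, the fixed 8-byte local CID length, the fallback to host software for unknown CIDs and all function names are assumptions; no decryption is performed.

```c
/* Added example: software model of the NIC-side CID table (no real crypto). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CID_LEN   20  /* QUIC v1 upper bound on connection ID length */
#define LOCAL_CID_LEN 8   /* assumed: this host always issues 8-byte CIDs */
#define SLOTS         64  /* CID table size, power of two (constructed) */
#define NUM_UNITS     4   /* NIC processing units (constructed) */

enum alg  { ALG_NONE, ALG_AES_128_GCM, ALG_CHACHA20_POLY1305 };
enum slot { SLOT_EMPTY, SLOT_USED, SLOT_DELETED };
struct entry {
    enum slot state;
    uint8_t cid[MAX_CID_LEN], cid_len, key[32];
    enum alg alg;
};
struct verdict { int offload; unsigned unit; enum alg alg; const uint8_t *key; };

static struct entry table[SLOTS];
static const size_t key_len_of[] = {0, 16, 32};      /* indexed by enum alg */
static const uint8_t indir[8] = {0,1,2,3,0,1,2,3};   /* hash bucket -> unit */

static uint32_t cid_hash(const uint8_t *cid, size_t len) {
    uint32_t h = 2166136261u;                        /* FNV-1a, 32 bit */
    for (size_t i = 0; i < len; i++) { h ^= cid[i]; h *= 16777619u; }
    return h;
}
static struct entry *find(const uint8_t *cid, size_t len) {
    if (len == 0 || len > MAX_CID_LEN) return NULL;
    uint32_t i = cid_hash(cid, len) & (SLOTS - 1);
    for (int n = 0; n < SLOTS; n++, i = (i + 1) & (SLOTS - 1)) {
        struct entry *e = &table[i];
        if (e->state == SLOT_EMPTY) return NULL;     /* end of probe chain */
        if (e->state == SLOT_USED && e->cid_len == len && !memcmp(e->cid, cid, len))
            return e;
    }
    return NULL;
}

/* Destination CID of a UDP payload already classified as QUIC; 0 = malformed. */
size_t quic_dcid(const uint8_t *pkt, size_t n, const uint8_t **cid) {
    if (n < 1) return 0;
    if (pkt[0] & 0x80) {          /* long header: flags, version(4), len, DCID */
        if (n < 6 || pkt[5] == 0 || pkt[5] > MAX_CID_LEN ||
            n < 6u + pkt[5]) return 0;
        *cid = pkt + 6;
        return pkt[5];
    }
    if (n < 1u + LOCAL_CID_LEN) return 0;  /* short header: flags, DCID */
    *cid = pkt + 1;
    return LOCAL_CID_LEN;
}

/* Host -> NIC, after the handshake: install or update CID -> (alg, key). */
int nic_program(const uint8_t *cid, size_t len, enum alg alg,
                const uint8_t *key, size_t key_len) {
    if (len == 0 || len > MAX_CID_LEN || alg == ALG_NONE ||
        (unsigned)alg > ALG_CHACHA20_POLY1305 || key_len != key_len_of[alg])
        return -1;
    struct entry *e = find(cid, len);
    uint32_t i = cid_hash(cid, len) & (SLOTS - 1);
    for (int n = 0; !e && n < SLOTS; n++, i = (i + 1) & (SLOTS - 1))
        if (table[i].state != SLOT_USED) e = &table[i];
    if (!e) return -1;                               /* table full */
    memset(e, 0, sizeof *e);
    memcpy(e->cid, cid, len);  memcpy(e->key, key, key_len);
    e->cid_len = (uint8_t)len;  e->alg = alg;  e->state = SLOT_USED;
    return 0;
}

/* Connection closed or CID retired: wipe the key and free the slot. */
int nic_remove(const uint8_t *cid, size_t len) {
    struct entry *e = find(cid, len);
    if (!e) return -1;
    volatile uint8_t *p = (volatile uint8_t *)e;
    for (size_t i = 0; i < sizeof *e; i++) p[i] = 0;
    e->state = SLOT_DELETED;                         /* keep probe chains intact */
    return 0;
}

/* Per packet: resolve CID -> key/alg and pick a processing unit. */
struct verdict nic_classify(const uint8_t *pkt, size_t n) {
    struct verdict v = {0, 0, ALG_NONE, NULL};
    const uint8_t *cid = NULL;
    size_t len = quic_dcid(pkt, n, &cid);
    struct entry *e = len ? find(cid, len) : NULL;
    if (!e) return v;     /* unknown CID: assumed fallback to host software */
    v.offload = 1;  v.unit = indir[cid_hash(cid, len) & 7];
    v.alg = e->alg;  v.key = e->key;
    return v;
}

int main(void) {
    const uint8_t cid[LOCAL_CID_LEN] = {0xc1,2,3,4,5,6,7,8}, key[16] = {0};
    uint8_t pkt[32] = {0x40};        /* constructed short-header packet */
    memcpy(pkt + 1, cid, sizeof cid);
    nic_program(cid, sizeof cid, ALG_AES_128_GCM, key, sizeof key);
    struct verdict v = nic_classify(pkt, sizeof pkt);
    printf("offload=%d unit=%u alg=%d\n", v.offload, v.unit, (int)v.alg);
    return nic_remove(cid, sizeof cid);
}
```

Removing the entry when a connection closes matters as much as installing it: a stale CID mapping would leave key material resident in the table and keep matching packets that carry that CID.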

Claim 2

Original Legal Text

2. The system of claim 1, wherein the hashing algorithm computes an array into one or more buckets or slots from which an output value is determined, the hash table located in an Internet Protocol (IP) layer of the protocol stack.

Plain English Translation

A system for network packet processing uses a hashing algorithm to distribute data into one or more buckets or slots within a hash table, where an output value is derived from these buckets. The hash table is positioned in the Internet Protocol (IP) layer of the protocol stack, enabling efficient packet routing and processing. The system likely includes a method for generating hash values from packet headers or payloads, distributing these values across the hash table, and using the resulting output to determine routing decisions, load balancing, or packet filtering. The hashing algorithm may employ techniques such as modular arithmetic, bitwise operations, or cryptographic functions to ensure uniform distribution and minimize collisions. By integrating the hash table at the IP layer, the system optimizes performance by reducing latency and improving throughput in network communications. This approach is particularly useful in high-speed networking environments where rapid packet classification and forwarding are critical. The system may also include mechanisms for dynamic resizing of the hash table to adapt to varying network loads and ensure consistent performance.

Claim 3

Original Legal Text

3. The system of claim 1, wherein the network interface card is configured to use the CID to perform one of a receive segment coalescing (RSC) operation or a receive side scaling (RSS) operation.

Plain English Translation

A system for network communication includes a network interface card (NIC) that processes data packets using a connection identifier (CID) to optimize performance. The NIC is configured to perform either a receive segment coalescing (RSC) operation or a receive side scaling (RSS) operation based on the CID. RSC improves efficiency by combining multiple small packets into a larger segment before delivering them to the host system, reducing CPU overhead. RSS enhances load balancing by distributing incoming packets across multiple CPU cores, preventing bottlenecks. The CID, which uniquely identifies a network connection, allows the NIC to determine the appropriate operation for each packet. This system addresses the problem of inefficient packet processing in high-performance networking environments, where traditional methods may lead to excessive CPU utilization or uneven workload distribution. By leveraging the CID, the NIC dynamically selects the optimal processing method, improving throughput and reducing latency. The system is particularly useful in data centers, cloud computing, and high-speed networking applications where performance and scalability are critical.

Claim 4

Original Legal Text

4. The system of claim 1, wherein the computer program code is further configured to, with the at least one processor, cause the at least one processor to send one or more packets to be transmitted over the network to the network interface card, wherein the network interface card is further configured to: identify the symmetric key and the crypto algorithm based on the CID to perform a crypto encrypt operation on the one or more data packets, and transmit the encrypted one or more data packets as QUIC data packets.

Plain English Translation

This invention relates to secure data transmission in network communications, specifically improving encryption efficiency in systems using the QUIC protocol. The problem addressed is the overhead and latency associated with traditional encryption methods in high-speed network environments, particularly when handling multiple data streams with different security requirements. The system includes a network interface card (NIC) and a processor executing program code to manage encrypted data transmission. The NIC is configured to receive data packets from the processor and perform encryption operations using a symmetric key and a specified cryptographic algorithm. The encryption process is triggered by a connection identifier (CID) embedded in the data packets, which the NIC uses to dynamically select the appropriate key and algorithm for each packet. This allows the NIC to offload encryption tasks from the main processor, reducing latency and improving throughput. The encrypted packets are then transmitted as QUIC data packets, a protocol designed for fast, secure web communications. By integrating encryption directly into the NIC, the system minimizes the processing burden on the host system while maintaining strong security. This approach is particularly beneficial in environments requiring high-speed, low-latency encrypted communications, such as cloud computing, content delivery networks, and real-time applications. The invention enhances performance by leveraging hardware acceleration for cryptographic operations, ensuring efficient and secure data transmission.

Claim 5

Original Legal Text

5. The system of claim 4, wherein the network interface card is configured to use the CID to perform a large send offload (LSO) operation.

Plain English Translation

A system for network communication includes a network interface card (NIC) that processes data packets for transmission over a network. The NIC is configured to use a connection identifier (CID) to perform a large send offload (LSO) operation. LSO is a technique that allows the NIC to segment large data packets into smaller frames, reducing the processing burden on the host system. The CID uniquely identifies a network connection, enabling the NIC to efficiently manage and optimize data transmission for that connection. The system may also include a host processor that interacts with the NIC to prepare data for transmission, and the NIC may further support other offload operations such as checksum offloading or TCP segmentation. The use of the CID in LSO ensures that the NIC can correctly segment and transmit data without requiring extensive host intervention, improving overall network performance and reducing CPU overhead. This approach is particularly useful in high-throughput environments where minimizing host processing is critical.

Claim 6

Original Legal Text

6. The system of claim 4, wherein the network interface card is configured to chop up the one or more QUIC data packets using a process that does not result in IP fragmentation.

Plain English Translation

The system involves a network interface card (NIC) designed to optimize data transmission in high-speed networks, particularly for protocols like QUIC, which prioritize low-latency communication. The problem addressed is the inefficiency and potential performance degradation caused by IP fragmentation when large data packets are transmitted over networks with varying maximum transmission unit (MTU) sizes. IP fragmentation occurs when a packet exceeds the MTU of a network link, requiring the packet to be split into smaller fragments, which increases overhead and can lead to packet loss or delays. The NIC is configured to preemptively segment QUIC data packets into smaller units before transmission, ensuring the segments do not exceed the MTU of any network link in the path. This segmentation process is distinct from traditional IP fragmentation because it is performed at the NIC level rather than by intermediate routers, avoiding the associated inefficiencies. By proactively adjusting packet sizes, the system ensures reliable and efficient data transfer without relying on fragmentation, which can be error-prone and resource-intensive. This approach is particularly beneficial in environments where QUIC is used, as it maintains the protocol's performance advantages while mitigating fragmentation-related issues. The NIC may also include logic to dynamically determine optimal segment sizes based on network conditions or predefined MTU values.

Claim 7

Original Legal Text

7. The system of claim 1, wherein the computer program code is further configured to, with the at least one processor, cause the at least one processor to offload one of an Advanced Encryption Standard (AES), Galois/Counter Mode (GCM) or ChaCha/Poly crypto to the network interface card as part of a crypto offload.

Plain English Translation

A system for enhancing cryptographic operations in network communications involves offloading specific encryption algorithms to a network interface card (NIC) to improve performance and efficiency. The system addresses the computational overhead associated with cryptographic processing in network devices, particularly in scenarios requiring high-speed data transmission and secure communication. By delegating encryption tasks such as Advanced Encryption Standard (AES), Galois/Counter Mode (GCM), or ChaCha/Poly to the NIC, the system reduces the burden on the central processing unit (CPU), allowing for faster data processing and lower latency. The NIC handles the encryption and decryption operations, ensuring that data is securely transmitted while optimizing system resources. This approach is particularly beneficial in environments where real-time processing and high throughput are critical, such as in cloud computing, data centers, and secure network communications. The system integrates seamlessly with existing network infrastructure, providing a scalable and efficient solution for cryptographic offloading.

Claim 8

Original Legal Text

8. The system of claim 1, wherein the network interface card is configured to use the CID and a 4-tuple of source and destination addresses to perform the crypto decrypt operation.

Plain English Translation

A system for network communication security involves a network interface card (NIC) that performs cryptographic decryption operations. The NIC uses a connection identifier (CID) and a 4-tuple of source and destination addresses to decrypt incoming data packets. The 4-tuple includes the source IP address, destination IP address, source port, and destination port, which together uniquely identify a network connection. The CID is a unique identifier assigned to the connection, ensuring that decryption is performed only for packets belonging to the correct session. This approach offloads decryption tasks from the host processor, improving performance and reducing latency. The system is designed for high-speed network environments where secure communication is required, such as in data centers, cloud computing, or enterprise networks. By integrating decryption directly into the NIC, the system minimizes overhead and enhances throughput while maintaining security. The NIC may also include hardware acceleration for cryptographic operations, further optimizing performance. This method ensures that only authorized packets are processed, preventing unauthorized access or data breaches. The system is particularly useful in scenarios where multiple secure connections must be managed simultaneously, such as in virtualized or containerized environments.

Claim 9

Original Legal Text

9. A computerized method for hardware offloading, the computerized method comprising: programming a network interface card with a mapping between (i) a connection identification (CID) for one or more QUIC data packets and (ii) a symmetric key and a crypto algorithm, the network interface card comprising a plurality of processing units, wherein programming the network interface card comprises preprogramming the network interface card after an initial connection handshake and before performing decrypting and encrypting operations; and identifying the CID for one or more QUIC data packets and sending the CID to the network interface card, wherein the network interface card is configured to: select one or more processing units of the plurality of processing units to process the QUIC data packets, the one or more processing units selected using a mapping in a hash table based on the CID, wherein a hashing algorithm accesses the hash table to map one or more keys defined by the CID to values for selecting the one or more processing units, and process the QUIC data packets using the selected one or more processing units, the processing comprising performing one of (i) receiving and decrypting the one or more QUIC data packets over a network or (ii) encrypting and transmitting the one or more QUIC data packets over the network, the symmetric key and the crypto algorithm for the decryption or encryption being identified by the network interface card based on the CID for the one or more QUIC data packets.

Plain English Translation

This invention relates to hardware offloading for QUIC (Quick UDP Internet Connections) data packets, addressing the computational overhead of encryption and decryption in high-performance networking. The method involves programming a network interface card (NIC) with a mapping between a connection identification (CID) for QUIC packets and a symmetric key along with a cryptographic algorithm. This programming occurs after the initial connection handshake but before any encryption or decryption operations begin. The NIC, which includes multiple processing units, uses a hash table to map the CID to specific processing units, ensuring efficient distribution of workload. When a QUIC packet arrives, the NIC identifies its CID, selects the appropriate processing units via the hash table, and performs either decryption of incoming packets or encryption of outgoing packets using the preprogrammed symmetric key and algorithm. This approach offloads cryptographic operations from the host CPU to the NIC, improving performance and reducing latency in high-speed network communications. The system dynamically assigns processing units based on the CID, optimizing resource utilization and ensuring secure, efficient data transmission.

Claim 10

Original Legal Text

10. The computerized method of claim 9, further comprising performing, by the network interface card, a receive side scaling (RSS) operation using the CID when receiving the one or more QUIC data packets.

Plain English Translation

A computerized method for processing network data packets, particularly in high-performance computing environments, addresses the challenge of efficiently distributing incoming data packets across multiple processing cores to optimize throughput and reduce latency. The method involves a network interface card (NIC) that assigns a connection identifier (CID) to one or more QUIC (Quick UDP Internet Connections) data packets. The NIC then performs a receive side scaling (RSS) operation using the CID to distribute the packets across multiple processing cores. This ensures that packets belonging to the same connection are consistently routed to the same core, improving performance by maintaining connection state locality. The method also includes dynamically adjusting the CID assignment based on network conditions or workload demands to further enhance efficiency. By leveraging the CID for RSS, the system avoids the overhead of traditional methods that rely on IP or port-based hashing, which can lead to uneven distribution and performance bottlenecks. The approach is particularly beneficial in high-traffic scenarios where low-latency and high-throughput processing are critical.

Claim 11

Original Legal Text

11. The computerized method of claim 9, further comprising performing, by the network interface card, a receive a segment coalescing (RSC) operation using the CID when receiving the one or more QUIC data packets.

Plain English Translation

A computerized method for optimizing network communication involves processing data packets in a high-speed, low-latency manner. The method addresses inefficiencies in traditional packet processing by leveraging a connection identifier (CID) to streamline operations. When receiving one or more QUIC (Quick UDP Internet Connections) data packets, the method performs a receive segment coalescing (RSC) operation using the CID. RSC combines multiple smaller packets into a larger, more manageable segment, reducing processing overhead and improving throughput. The CID ensures accurate packet reassembly by uniquely identifying the connection, preventing misrouting or data corruption. This technique is particularly useful in high-performance networking environments where minimizing latency and maximizing efficiency are critical. The method may also involve other optimizations, such as offloading packet processing tasks to a network interface card (NIC) to further reduce CPU utilization. By integrating RSC with CID-based identification, the method enhances network performance while maintaining reliability and security.

Claim 12

Original Legal Text

12. The computerized method of claim 9, further comprising performing, by the network interface card, a large send offload (LSO) operation using the CID when transmitting the one or more QUIC data packets.

Plain English Translation

A computerized method for optimizing network communication involves processing data packets using a connection identifier (CID) to improve efficiency in high-speed data transmission. The method addresses the problem of latency and processing overhead in network communications, particularly in protocols like QUIC, which require rapid packet transmission and minimal computational burden. The method includes generating one or more QUIC data packets for transmission over a network, where each packet is associated with a CID that uniquely identifies the connection. The network interface card (NIC) performs a large send offload (LSO) operation using the CID to offload the segmentation of large data packets into smaller, transmit-ready segments. This offloading reduces the processing load on the host system by leveraging the NIC's hardware capabilities, thereby accelerating data transmission and reducing latency. The method ensures that the CID is preserved during the LSO operation, maintaining connection integrity and enabling efficient packet processing at the receiving end. This approach is particularly useful in high-performance networking environments where minimizing CPU overhead and maximizing throughput are critical.

Claim 13

Original Legal Text

13. The computerized method of claim 12, further comprising performing, by the network interface card, chopping up the one or more QUIC data packets, using a process that does not result in IP fragmentation, before transmitting the one or more QUIC data packets.

Plain English Translation

This invention relates to optimizing data transmission in network communication systems, specifically addressing inefficiencies in handling QUIC (Quick UDP Internet Connections) data packets. QUIC is a transport protocol designed for low-latency communication, but its large packet sizes can lead to inefficiencies, particularly when transmitted over networks with smaller maximum transmission unit (MTU) sizes. The invention provides a method to improve QUIC packet transmission by chopping up the packets before transmission, ensuring the process does not cause IP fragmentation, which can degrade performance. The method involves a network interface card (NIC) processing QUIC data packets to divide them into smaller segments without relying on IP fragmentation. This pre-processing step ensures that the packets conform to the MTU constraints of the network, reducing the risk of packet loss or retransmission delays. By handling the segmentation at the NIC level, the method minimizes overhead on the host system and improves overall transmission efficiency. The approach is particularly useful in high-speed networks where latency and packet loss must be minimized. The invention enhances QUIC's performance by preemptively adjusting packet sizes, ensuring smoother and more reliable data delivery.

Claim 14

Original Legal Text

14. The computerized method of claim 9, further comprising offloading one of an Advanced Encryption Standard (AES), Galois/Counter Mode (GCM) or ChaCha/Poly crypto to the network interface card as part of a crypto offload, and using the CID and a 4-tuple of source and destination addresses to perform the crypto decrypt operation.

Plain English Translation

This invention relates to network security and cryptographic processing in computing systems. The problem addressed is the computational overhead of performing encryption and decryption operations in software, which can degrade system performance, particularly in high-throughput network environments. The solution involves offloading cryptographic operations to a network interface card (NIC) to improve efficiency. The method involves using a network interface card (NIC) to perform cryptographic operations such as encryption and decryption. Specifically, the method offloads one of the Advanced Encryption Standard (AES), Galois/Counter Mode (GCM), or ChaCha/Poly cryptographic algorithms to the NIC. The offloaded cryptographic operation is performed using a connection identifier (CID) and a 4-tuple consisting of source and destination addresses. This approach allows the NIC to handle the cryptographic processing, reducing the burden on the central processing unit (CPU) and improving overall system performance. The method is particularly useful in scenarios where secure communication is required, such as in virtualized environments or high-speed data transfers. By leveraging the NIC's capabilities, the system can achieve faster and more efficient cryptographic operations while maintaining security.

Claim 15

Original Legal Text

15. One or more computer storage media having computer-executable instructions for hardware offloading that, upon execution by a processor, cause the processor to at least: program a network interface card with a mapping between (i) a connection identification (CID) for one or more (QUIC) data packets and (ii) a symmetric key and a crypto algorithm, the network interface card comprising a plurality of processing units; wherein programming the network interface card comprises preprogramming the network interface card after an initial connection handshake and before performing decrypting and encrypting operations; and identify the CID for one or more QUIC data packets and send the CID to the network interface card, wherein the network interface card is configured to: select one or more processing units of the plurality of processing units to process the QUIC data packets, the one or more processing units selected using a mapping in a hash table based on the CID, wherein a hashing algorithm accesses the hash table to map one or more keys defined by the CID to values for selecting the one or more processing units, and process the QUIC data packets using the selected one or more processing units the processing comprising performing one of (i) receiving and decrypting the one or more QUIC data packets over a network or (ii) encrypting and transmitting the one or more QUIC data packets over the network, the symmetric key and the crypto algorithm for the decryption or encryption being identified by the network interface card based on the CID for the one or more QUIC data packets.

Plain English Translation

This invention relates to hardware offloading for QUIC (Quick UDP Internet Connections) data packet processing, specifically optimizing encryption and decryption operations by leveraging a network interface card (NIC) with multiple processing units. The problem addressed is the computational overhead of encrypting and decrypting QUIC packets, which are increasingly used in modern web protocols like HTTP/3. The solution involves programming the NIC with a mapping between a connection identification (CID) for QUIC packets and a symmetric key along with a cryptographic algorithm. This programming occurs after the initial connection handshake but before any encryption or decryption operations begin. The NIC uses a hash table to map the CID to specific processing units, ensuring efficient distribution of workload across the NIC's multiple processing cores. When a QUIC packet arrives, the NIC identifies its CID, selects the appropriate processing units via the hash table, and performs either decryption (for incoming packets) or encryption (for outgoing packets) using the preprogrammed symmetric key and algorithm. This approach reduces CPU overhead by offloading cryptographic operations to the NIC, improving performance for high-speed network communications.

Claim 16

Original Legal Text

16. The one or more computer storage media of claim 15, wherein the network interface card is configured to perform receive side scaling (RSS) using the CID when receiving the one or more QUIC data packets.

Plain English Translation

This invention relates to network communication systems, specifically improving data packet processing efficiency in high-performance computing environments. The problem addressed is the inefficiency in handling large volumes of QUIC (Quick UDP Internet Connections) data packets, particularly when using receive side scaling (RSS) techniques to distribute packet processing across multiple CPU cores. Traditional methods often fail to optimize packet distribution based on connection identifiers (CIDs), leading to bottlenecks and suboptimal performance. The invention involves a network interface card (NIC) configured to perform RSS using a connection identifier (CID) when receiving QUIC data packets. The NIC processes incoming packets by extracting the CID from each packet and using it to determine the appropriate CPU core for handling the packet. This ensures that packets belonging to the same connection are consistently routed to the same core, reducing context switching and improving processing efficiency. The NIC may also include a memory buffer to temporarily store packets before distribution, further optimizing throughput. Additionally, the system may support dynamic reconfiguration of RSS parameters based on network conditions or workload demands, allowing for adaptive performance tuning. The invention enhances scalability and reduces latency in high-speed network environments by leveraging hardware-based packet distribution mechanisms.

Claim 17

Original Legal Text

17. The one or more computer storage media of claim 15, wherein the network interface card is configured to perform a receive segment coalescing (RSC) operation using the CID when receiving the one or more QUIC data packets.

Plain English Translation

This invention relates to network interface card (NIC) operations in high-performance computing environments, particularly for handling QUIC (Quick UDP Internet Connections) data packets. The problem addressed is the inefficiency in processing QUIC packets, which are increasingly used for low-latency applications but require specialized handling due to their encryption and multiplexing features. The invention involves a NIC configured to perform receive segment coalescing (RSC) operations using a connection identifier (CID) when receiving QUIC data packets. RSC is a technique that combines multiple small packets into larger segments to reduce CPU overhead and improve throughput. The NIC uses the CID, which uniquely identifies a QUIC connection, to group and coalesce packets belonging to the same connection. This allows the NIC to efficiently process encrypted QUIC traffic without requiring the host CPU to handle each packet individually, thereby reducing latency and improving performance. The NIC may also include a memory buffer to store the coalesced segments before forwarding them to the host system. Additionally, the NIC may support dynamic adjustment of coalescing parameters based on network conditions or application requirements. The invention ensures that QUIC packets are processed in a way that maintains the protocol's low-latency benefits while optimizing system resources. This approach is particularly useful in data centers, cloud computing, and other environments where high-speed, encrypted network traffic is prevalent.

Claim 18

Original Legal Text

18. The one or more computer storage media of claim 15, wherein the network interface card is configured to perform a large send offload (LSO) operation using the CID when transmitting the one or more QUIC data packets.

Plain English Translation

This invention relates to network communication optimization, specifically improving data transmission efficiency in high-speed networks using the QUIC protocol. The problem addressed is the overhead and latency associated with transmitting multiple QUIC data packets, particularly in environments where large data transfers are common. The solution involves a network interface card (NIC) that performs a large send offload (LSO) operation to reduce CPU overhead and accelerate data transmission. The NIC is configured to handle the segmentation of large data payloads into smaller packets before transmission, leveraging a connection identifier (CID) to manage the QUIC protocol's connection state. By offloading the segmentation process from the CPU to the NIC, the system reduces processing delays and improves throughput. The NIC uses the CID to ensure proper packet sequencing and error handling, maintaining the integrity of the QUIC connection while minimizing latency. This approach is particularly beneficial in high-performance computing and cloud environments where low-latency, high-throughput communication is critical. The invention enhances network efficiency by reducing CPU utilization and accelerating data transfer rates.

Claim 19

Original Legal Text

19. The one or more computer storage media of claim 15, wherein the network interface card is configured to perform chopping up the one or more QUIC data packets, using a process that does not result in IP fragmentation, before transmitting the one or more QUIC data packets.

Plain English Translation

This invention relates to network communication optimization, specifically addressing inefficiencies in transmitting QUIC (Quick UDP Internet Connections) data packets over networks. QUIC is a transport protocol designed for low-latency communication, but its large data packets can lead to inefficiencies when transmitted over networks with varying maximum transmission unit (MTU) sizes, often resulting in IP fragmentation, which increases overhead and reduces performance. The invention involves a network interface card (NIC) configured to process QUIC data packets before transmission. The NIC performs a chopping process that divides the QUIC data packets into smaller segments without causing IP fragmentation. This ensures that the packets conform to the MTU size of the network path, preventing the need for intermediate routers to fragment the packets. By avoiding IP fragmentation, the solution reduces packet overhead, improves transmission efficiency, and enhances overall network performance. The NIC handles this segmentation transparently, ensuring compatibility with existing QUIC implementations while optimizing data transfer. This approach is particularly useful in environments where network paths have inconsistent MTU sizes, such as in mobile or heterogeneous networks.
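The large-send segmentation of claims 18 and 19, as an added C example (not code from the patent). It assumes the host lays out QUIC packets of `seg_size` bytes back to back in one buffer, and it refuses any segment size that would not fit in a single unfragmented IP packet; all names and the header-size constants are assumptions of this sketch.

```c
#include <stddef.h>

#define IPV4_HDR 20u  /* IPv4 header without options */
#define IPV6_HDR 40u  /* fixed IPv6 header, no extension headers */
#define UDP_HDR   8u

struct segment { size_t offset, len; };  /* payload of one UDP datagram */

/* Largest UDP payload that fits in one unfragmented IP packet on this path.
 * Returns 0 when the MTU cannot even hold the headers. */
size_t max_udp_payload(size_t path_mtu, int ipv6) {
    size_t overhead = (ipv6 ? IPV6_HDR : IPV4_HDR) + UDP_HDR;
    return path_mtu > overhead ? path_mtu - overhead : 0;
}

/* Split a large send buffer of `total` bytes on seg_size boundaries, so every
 * datagram carries whole QUIC packets (only the last may be shorter).
 * Returns the number of datagrams planned, or -1 if seg_size would force IP
 * fragmentation on this path or `out` has fewer than the needed entries. */
int lso_plan(size_t total, size_t seg_size, size_t path_mtu, int ipv6,
             struct segment *out, size_t cap) {
    if (seg_size == 0 || seg_size > max_udp_payload(path_mtu, ipv6))
        return -1;  /* reject instead of emitting an oversized datagram */
    size_t n = 0, off = 0;
    while (off < total) {
        if (n == cap)
            return -1;
        size_t left = total - off;
        out[n].offset = off;
        out[n].len = left < seg_size ? left : seg_size;
        off += out[n].len;
        n++;
    }
    return (int)n;
}
```

Cutting on `seg_size` boundaries matters because each QUIC packet is protected as a unit: a datagram that ended mid-packet could not be decrypted by the receiver.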

Claim 20

Original Legal Text

20. The one or more computer storage media of claim 15, wherein the computer-executable further cause the processor to at least offload one of an Advanced Encryption Standard (AES), Galois/Counter Mode (GCM) or ChaCha/Poly crypto to the network interface card as part of a crypto offload, and use the CID and a 4-tuple of source and destination addresses to perform the crypto decrypt operation.

Plain English Translation

This invention relates to network security and cryptographic processing in computing systems. The problem addressed is the computational overhead of performing encryption and decryption operations in software, which can degrade system performance, particularly in high-throughput network environments. The solution involves offloading cryptographic operations to a network interface card (NIC) to improve efficiency. The system includes one or more computer storage media storing computer-executable instructions that, when executed by a processor, perform cryptographic operations. Specifically, the system offloads one of three cryptographic algorithms—AES, Galois/Counter Mode (GCM), or ChaCha/Poly—to the NIC as part of a cryptographic offload process. The offloaded cryptographic operation is a decrypt operation, which is performed using a connection identifier (CID) and a 4-tuple consisting of source and destination addresses. The 4-tuple includes the source IP address, destination IP address, source port, and destination port, which together uniquely identify a network connection. The CID is used to associate the cryptographic operation with the correct network connection. By offloading these cryptographic operations to the NIC, the system reduces the processing burden on the main CPU, allowing for faster and more efficient data processing in network communications. This approach is particularly useful in environments where high-speed encryption and decryption are required, such as in data centers, cloud computing, and secure network communications.
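The key-selection step described above, modelled as a small hash table keyed on the CID plus the 4-tuple. This is an added C example, not code from the patent; the table size, 8-byte CID length, FNV-1a hash, key-slot handle and all names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CID_LEN 8u   /* assumption: fixed 8-byte CIDs */
#define SLOTS   16u  /* table size, a power of two */

enum alg { ALG_NONE, ALG_AES_GCM, ALG_CHACHA_POLY };

struct flow_key {    /* CID plus the 4-tuple named in claim 20 */
    uint8_t  cid[CID_LEN];
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
};
struct flow_entry { int used; struct flow_key k; enum alg alg; int key_slot; };

static struct flow_entry table[SLOTS];

static uint32_t fnv1a(uint32_t h, const void *p, size_t n) {
    const uint8_t *b = p;
    while (n--) { h ^= *b++; h *= 16777619u; }
    return h;
}
static uint32_t flow_hash(const struct flow_key *k) {
    uint32_t h = fnv1a(2166136261u, k->cid, CID_LEN);
    h = fnv1a(h, &k->src_ip, 4);   h = fnv1a(h, &k->dst_ip, 4);
    h = fnv1a(h, &k->src_port, 2); h = fnv1a(h, &k->dst_port, 2);
    return h;
}
static int flow_eq(const struct flow_key *a, const struct flow_key *b) {
    return memcmp(a->cid, b->cid, CID_LEN) == 0 && a->src_ip == b->src_ip &&
           a->dst_ip == b->dst_ip && a->src_port == b->src_port &&
           a->dst_port == b->dst_port;
}
/* Program one mapping after the handshake. Returns 0, or -1 if the table is full. */
int offload_program(const struct flow_key *k, enum alg alg, int key_slot) {
    for (uint32_t i = 0, s = flow_hash(k); i < SLOTS; i++) {
        struct flow_entry *e = &table[(s + i) & (SLOTS - 1)];
        if (!e->used || flow_eq(&e->k, k)) {
            e->used = 1; e->k = *k; e->alg = alg; e->key_slot = key_slot;
            return 0;
        }
    }
    return -1;
}
/* Receive path: exact match on CID and 4-tuple, else NULL (no hardware decrypt). */
const struct flow_entry *offload_lookup(const struct flow_key *k) {
    for (uint32_t i = 0, s = flow_hash(k); i < SLOTS; i++) {
        const struct flow_entry *e = &table[(s + i) & (SLOTS - 1)];
        if (!e->used) return NULL;
        if (flow_eq(&e->k, k)) return e;
    }
    return NULL;
}
```

In this sketch a miss means the packet is left for the host stack, so a datagram that carries a known CID from an unexpected address or port is never decrypted with that connection's key in hardware.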

Patent Metadata

Filing Date

Unknown

Publication Date

September 22, 2020

Inventors

Praveen BALASUBRAMANIAN
Nicholas A. BANKS


Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “HARDWARE OFFLOAD FOR QUIC CONNECTIONS” (10785020). https://patentable.app/patents/10785020
